using userPassword instead sambaNTPassword

Nicolás Guerra nicoguerrarocha at gmail.com
Thu Sep 18 17:56:22 CEST 2014 

this is the server log output:
# radiusd -X > log.radius
I don't understand what "**WARNING: No "known good" password was found 
in LDAP.  Are you sure that *the **user is configured correctly?*" means?
what is freeradius expecting from the openldap user's configuration?
and, why if I enter sambaNTPassword works fine?


Listening on authentication address * port 1812
Listening on accounting address * port 1813
Listening on command file /var/run/radiusd/radiusd.sock
Listening on authentication address 127.0.0.1 port 18120 as server 
inner-tunnel
Listening on proxy address * port 1814
Ready to process requests.
rad_recv: Access-Request packet from host 10.202.10.93 port 60123, 
id=47, length=165
         User-Name = "nicolas.guerra"
         Called-Station-Id = "A0-F3-C1-CF-E3-06:OpenWrt"
         NAS-Port-Type = Wireless-802.11
         NAS-Port = 1
         Calling-Station-Id = "CC-FE-3C-92-E0-1B"
         Connect-Info = "CONNECT 54Mbps 802.11g"
         Framed-MTU = 1400
         EAP-Message = 0x02dc0013016e69636f6c61732e677565727261
         Message-Authenticator = 0xb415d249f91323467312cdea8bd9ff84
# Executing section authorize from file /etc/raddb/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "nicolas.guerra", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 220 length 19
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
[ldap] performing user authorization for nicolas.guerra
[ldap]  expand: (uid=%u) -> (uid=nicolas.guerra)
[ldap]  expand: ou=People,ou=Users,dc=asse -> ou=People,ou=Users,dc=asse
   [ldap] ldap_get_conn: Checking Id: 0
   [ldap] ldap_get_conn: Got Id: 0
   [ldap] attempting LDAP reconnection
   [ldap] (re)connect to ldap:389, authentication 0
   [ldap] bind as / to ldap:389
   [ldap] waiting for bind result ...
   [ldap] Bind was successful
   [ldap] performing search in ou=People,ou=Users,dc=asse, with filter 
(uid=nicolas.guerra)
[ldap] No default NMAS login sequence
[ldap] looking for check items in directory...
[ldap] looking for reply items in directory...
*WARNING: No "known good" password was found in LDAP.  Are you sure that 
the **user is configured correctly?**
*[ldap] user nicolas.guerra authorized to use remote access
   [ldap] ldap_release_conn: Release Id: 0
++[ldap] returns ok
++[expiration] returns noop
++[logintime] returns noop
*[pap] WARNING! No "known good" password found for the user. 
Authentication may fail because of this.**
*++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] EAP Identity
[eap] processing type md5
rlm_eap_md5: Issuing Challenge
++[eap] returns handled
Sending Access-Challenge of id 47 to 10.202.10.93 port 60123
         EAP-Message = 0x01dd001604107fe91282f5b1fe93fa0490f7444fb1f6
         Message-Authenticator = 0x00000000000000000000000000000000
         State = 0x02a12214027c2680a4308d96285f86cc
Finished request 0.


any help woould be wellcome,
Sds Nicolas.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140918/51c34dbe/attachment.html>

More information about the Freeradius-Users mailing list